[Ruby-DBI-devel] SQLite: null character check.

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi.

With SQLite.c CVS revision 1.8. Following code results output
"abcdeff". (Without any error)

----------------------------------------------------------------
require "dbi"

dbi = DBI.connect("DBI:SQLite:/tmp/testDBI.db")
print(dbi.select_one("SELECT ?", "abcdef\0ghijk")[0])
----------------------------------------------------------------

This cause serious problem with UPDATE statement:

  dbi.do("UPDATE tbl SET fld = ? WHERE id = 1", "abcdef\0ghijk")

results same effect to "UPDATE tbl SET fld = 'abcdeff'", unexpectly
all of records are updated.

It is needed NULL character check in SQL statement passed to SQLite.
-- 
Shirai,Kaoru <sh...@ko...>
Korinkan Ltd. - http://www.korinkan.co.jp/